SY0-701 Study Notes
Domain 5: Security Program Management & Oversight
Folder: domain-5-program-management/concepts
97 items under this folder.
Mar 20, 2026
3-2-1 backup rule
domain/5
type/sub-topic
Mar 20, 2026
Ad hoc vs. recurring vs. continuous
domain/5
type/sub-topic
Mar 20, 2026
After-action review
domain/5
type/sub-topic
Mar 20, 2026
Anonymization vs. pseudonymization
domain/5
type/sub-topic
Mar 20, 2026
Attestation
domain/5
type/sub-topic
Mar 20, 2026
Audit scope
domain/5
type/sub-topic
Mar 20, 2026
Benchmarks vs. frameworks
domain/5
type/sub-topic
Mar 20, 2026
BIA as the foundation
domain/5
type/sub-topic
Mar 20, 2026
Board and executive involvement
domain/5
type/sub-topic
Mar 20, 2026
Business continuity vs. disaster recovery
domain/5
type/sub-topic
Mar 20, 2026
Centralized vs. decentralized governance
domain/5
type/sub-topic
Mar 20, 2026
CIS Controls
domain/5
type/sub-topic
Mar 20, 2026
Classification criteria
domain/5
type/sub-topic
Mar 20, 2026
Commercial / private sector classifications
domain/5
type/sub-topic
Mar 20, 2026
Compliance automation
domain/5
type/sub-topic
Mar 20, 2026
Compliance monitoring
domain/5
type/sub-topic
Mar 20, 2026
Compliance reporting
domain/5
type/sub-topic
Mar 20, 2026
Consequences of non-compliance
domain/5
type/sub-topic
Mar 20, 2026
Contractual compliance
domain/5
type/sub-topic
Mar 20, 2026
Critical business functions
domain/5
type/sub-topic
Mar 20, 2026
CSA Cloud Controls Matrix (CCM)
domain/5
type/sub-topic
Mar 20, 2026
Culture of security
domain/5
type/sub-topic
Mar 20, 2026
Data breach notification
domain/5
type/sub-topic
Mar 20, 2026
Data ownership and processing agreements
domain/5
type/sub-topic
Mar 20, 2026
Data states
domain/5
type/sub-topic
Mar 20, 2026
Declassification
domain/5
type/sub-topic
Mar 20, 2026
Dependencies
domain/5
type/sub-topic
Mar 20, 2026
Documentation
domain/5
type/sub-topic
Mar 20, 2026
Environmental factors
domain/5
type/sub-topic
Mar 20, 2026
Evidence collection
domain/5
type/sub-topic
Mar 20, 2026
Exception process
domain/5
type/sub-topic
Mar 20, 2026
External audit
domain/5
type/sub-topic
Mar 20, 2026
FERPA
domain/5
type/sub-topic
Mar 20, 2026
Findings and remediation
domain/5
type/sub-topic
Mar 20, 2026
Fourth-party risk
domain/5
type/sub-topic
Mar 20, 2026
Gamification
domain/5
type/sub-topic
Mar 20, 2026
GDPR
domain/5
type/sub-topic
Mar 20, 2026
Geographic considerations
domain/5
type/sub-topic
Mar 20, 2026
GLBA
domain/5
type/sub-topic
Mar 20, 2026
Governance committees
domain/5
type/sub-topic
Mar 20, 2026
Government / military classifications
domain/5
type/sub-topic
Mar 20, 2026
Handling procedures
domain/5
type/sub-topic
Mar 20, 2026
HIPAA
domain/5
type/sub-topic
Mar 20, 2026
Impact categories
domain/5
type/sub-topic
Mar 20, 2026
Industry standards
domain/5
type/sub-topic
Mar 20, 2026
Inherent risk
domain/5
type/sub-topic
Mar 20, 2026
Insider threat awareness
domain/5
type/sub-topic
Mar 20, 2026
Internal audit
domain/5
type/sub-topic
Mar 20, 2026
Internal vs. external compliance
domain/5
type/sub-topic
Mar 20, 2026
ISO 27001 / 27002
domain/5
type/sub-topic
Mar 20, 2026
Labeling and marking
domain/5
type/sub-topic
Mar 20, 2026
Maximum Tolerable Downtime (MTD)
domain/5
type/sub-topic
Mar 20, 2026
Mean Time Between Failures (MTBF)
domain/5
type/sub-topic
Mar 20, 2026
Mean Time to Repair (MTTR)
domain/5
type/sub-topic
Mar 20, 2026
Metrics
domain/5
type/sub-topic
Mar 20, 2026
Monitoring and reporting
domain/5
type/sub-topic
Mar 20, 2026
NIST Cybersecurity Framework (CSF)
domain/5
type/sub-topic
Mar 20, 2026
NIST SP 800-53
domain/5
type/sub-topic
Mar 20, 2026
Offboarding
domain/5
type/sub-topic
Mar 20, 2026
Order of restoration
domain/5
type/sub-topic
Mar 20, 2026
PCI DSS
domain/5
type/sub-topic
Mar 20, 2026
PHI (Protected Health Information)
domain/5
type/sub-topic
Mar 20, 2026
Phishing simulations
domain/5
type/sub-topic
Mar 20, 2026
PII (Personally Identifiable Information)
domain/5
type/sub-topic
Mar 20, 2026
Policies, standards, baselines, guidelines, procedures
domain/5
type/sub-topic
Mar 20, 2026
Policy lifecycle
domain/5
type/sub-topic
Mar 20, 2026
Privacy by design
domain/5
type/sub-topic
Mar 20, 2026
Privacy Impact Assessment (PIA)
domain/5
type/sub-topic
Mar 20, 2026
Qualitative risk assessment
domain/5
type/sub-topic
Mar 20, 2026
Qualitative vs. quantitative analysis
domain/5
type/sub-topic
Mar 20, 2026
Quantitative risk assessment
domain/5
type/sub-topic
Mar 20, 2026
Recovery Point Objective (RPO)
domain/5
type/sub-topic
Mar 20, 2026
Recovery Time Objective (RTO)
domain/5
type/sub-topic
Mar 20, 2026
Regulatory audit
domain/5
type/sub-topic
Mar 20, 2026
Regulatory compliance
domain/5
type/sub-topic
Mar 20, 2026
Replication
domain/5
type/sub-topic
Mar 20, 2026
Residual risk
domain/5
type/sub-topic
Mar 20, 2026
Right to audit
domain/5
type/sub-topic
Mar 20, 2026
Risk appetite vs. risk tolerance
domain/5
type/sub-topic
Mar 20, 2026
Risk identification
domain/5
type/sub-topic
Mar 20, 2026
Risk matrix / heat map
domain/5
type/sub-topic
Mar 20, 2026
Risk register
domain/5
type/sub-topic
Mar 20, 2026
Risk = Threat x Vulnerability x Impact
domain/5
type/sub-topic
Mar 20, 2026
Role-based training
domain/5
type/sub-topic
Mar 20, 2026
Roles and responsibilities
domain/5
type/sub-topic
Mar 20, 2026
Service Level Agreements (SLAs)
domain/5
type/sub-topic
Mar 20, 2026
Single point of failure (SPOF)
domain/5
type/sub-topic
Mar 20, 2026
SOC reports
domain/5
type/sub-topic
Mar 20, 2026
SOX (Sarbanes-Oxley)
domain/5
type/sub-topic
Mar 20, 2026
Succession planning
domain/5
type/sub-topic
Mar 20, 2026
Supply chain risk
domain/5
type/sub-topic
Mar 20, 2026
Testing the DRP
domain/5
type/sub-topic
Mar 20, 2026
Threat assessment
domain/5
type/sub-topic
Mar 20, 2026
Training frequency
domain/5
type/sub-topic
Mar 20, 2026
Vendor assessment
domain/5
type/sub-topic
Mar 20, 2026
Vendor lock-in
domain/5
type/sub-topic
Mar 20, 2026
Vulnerability assessment
domain/5
type/sub-topic